yunwei37
2024-06-25 09:49:09 +00:00
parent a6253ee5e5
commit 8203f74ca4
5 changed files with 17 additions and 17 deletions


@@ -5164,7 +5164,7 @@ int BPF_URETPROBE(probe_SSL_do_handshake_exit) {
<pre><code class="language-c"> if (env.openssl) {
char *openssl_path = find_library_path("libssl.so");
printf("OpenSSL path: %s\n", openssl_path);
attach_openssl(obj, "/lib/x86_64-linux-gnu/libssl.so.3");
attach_openssl(obj, openssl_path);
}
if (env.gnutls) {
char *gnutls_path = find_library_path("libgnutls.so");
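Review bot: In the `if (env.openssl)` branch, `openssl_path` now goes straight from `find_library_path("libssl.so")` into `printf("%s")` and `attach_openssl()` with no NULL check visible in the hunk. `find_library_path` is defined outside the hunk, so whether it can return NULL is an inference; if it can (library absent or not resolved), the `%s` argument is undefined behaviour and the uprobe attach receives a NULL binary path. Wrapping the two calls as `if (openssl_path) { printf("OpenSSL path: %s\n", openssl_path); attach_openssl(obj, openssl_path); }` and reporting the missing library on stderr otherwise would cover it. The `int` result of `attach_openssl` is also discarded at this call site, so a failed attach to the resolved path goes unreported. The `gnutls_path` context line has the same shape, and its branch continues outside the hunk.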
@@ -5187,7 +5187,7 @@ int BPF_URETPROBE(probe_SSL_do_handshake_exit) {
skel-&gt;links.prog_name = bpf_program__attach_uprobe_opts( \
skel-&gt;progs.prog_name, env.pid, binary_path, 0, &amp;uprobe_opts); \
} while (false)
int attach_openssl(struct sslsniff_bpf *skel, const char *lib) {
ATTACH_UPROBE_CHECKED(skel, lib, SSL_write, probe_SSL_rw_enter);
ATTACH_URETPROBE_CHECKED(skel, lib, SSL_write, probe_SSL_write_exit);
@@ -5246,9 +5246,9 @@ void print_event(struct probe_SSL_data_t *event, const char *evt) {
if (buf_size != 0) {
if (env.hexdump) {
// 2 characters for each byte + null terminator
char hex_data[MAX_BUF_SIZE * 2 + 1] = {0};
char hex_data[MAX_BUF_SIZE * 2 + 1] = {0};
buf_to_hex((uint8_t *)buf, buf_size, hex_data);
printf("\n%s\n", s_mark);
for (size_t i = 0; i &lt; strlen(hex_data); i += 32) {
printf("%.32s\n", hex_data + i);
@@ -5290,7 +5290,7 @@ void print_event(struct probe_SSL_data_t *event, const char *evt) {
</code></pre>
<h3 id="sslsniff-输出"><a class="header" href="#sslsniff-输出"><strong>sslsniff 输出</strong></a></h3>
<p>当执行 <code>curl</code> 命令后,<code>sslsniff</code> 会显示以下内容:</p>
<pre><code class="language-txt"> READ/RECV 0.132786160 curl 47458 1256
<pre><code class="language-txt"> READ/RECV 0.132786160 curl 47458 1256
----- DATA -----
&lt;!doctype html&gt;
...
@@ -5311,12 +5311,12 @@ OpenSSL path: /lib/x86_64-linux-gnu/libssl.so.3
GnuTLS path: /lib/x86_64-linux-gnu/libgnutls.so.30
NSS path: /lib/x86_64-linux-gnu/libnspr4.so
FUNC TIME(s) COMM PID LEN LAT(ms)
HANDSHAKE 0.000000000 curl 6460 1 1.384 WRITE/SEND 0.000115400 curl 6460 24 0.014
HANDSHAKE 0.000000000 curl 6460 1 1.384 WRITE/SEND 0.000115400 curl 6460 24 0.014
</code></pre>
<h3 id="16进制输出"><a class="header" href="#16进制输出">16进制输出</a></h3>
<p>要以16进制格式显示数据请执行以下命令</p>
<pre><code class="language-console">$ sudo ./sslsniff --hexdump
WRITE/SEND 0.000000000 curl 16104 24
WRITE/SEND 0.000000000 curl 16104 24
----- DATA -----
505249202a20485454502f322e300d0a
0d0a534d0d0a0d0a